In the midst of a new wave of the corona pandemic and booster vaccinations, a hacker attack means additional trouble for thousands of German medical practices.
The company Medatixx from Eltville in Hesse successfully sells software for practices and has now fallen victim to ransomware – blackmail software. Medatixx share with, In the middle of last week, his central system was encrypted. Such special software takes the data of a computer system as “hostage” and only makes them readable again for the owner when the ransom has been paid to the criminal hackers. At least if the blackmailed is lucky and the gangsters have a good day.
Medatixx is now practically invisible. The company’s central customer support has failed. Whoever called the hotline for customers on Tuesday morning only heard a tape announcement: Because of a “technical malfunction” one could not be reached. Anyone who writes an email to the company receives an error message. The company’s announcement states: “The investigative authorities and the data protection authority responsible for us are also involved.”
Medatixx has asked doctors using its computer programs to change their passwords. That affects thousands of doctors, because the company is not just any software junk, but the number two in the industry in Germany behind the Compugroup from Koblenz. Medatixx boasts a 28 percent market share. It’s about more than 20,000 practices, with 40,000 doctors and even more practice employees.
It is true that the attack did not hit the practice’s computers themselves, but rather the central Medatixx system. However, it cannot be ruled out that “the data stored by us has been stolen”. This could also include passwords that doctors use to secure access to their systems in which intimate X-rays, laboratory values, findings and prescriptions are stored.
Medatixx obviously wants to prevent hackers from breaking into the practice’s computers
Therefore Medatixx calls on its customers not only to change the password for the practice software “immediately”, but also that for Windows and for the so-called TI connector, a specially secured router that is supposed to transmit the data in a particularly protected manner. It connects the computers of the practices and their card readers with the telematics infrastructure (TI), via which the German healthcare system is digitally networked. Hospitals, pharmacies, doctors and health insurance companies have their own network connected to special hardware.
Obviously, Medatixx wants to rule out that hackers break into the computers of the practices themselves via the software house. Then they could also infiltrate the telematics infrastructure to which only legitimate practices have access.
Passwords are usually stored in encrypted form, but this encryption can often be cracked by knowledgeable hackers. Instructions on how to change the passwords of the various systems and Medatixx software products, find those affected here. At the request of the SZ, the company has not yet commented.
Even if it is still unclear whether individual practices or the TI infrastructure are now at risk: The precautionary measure of massive password changes shows how sensitive attacks are on companies that are connected to tens of thousands of other systems. Such hacking attacks on central service providers who supply many others can be particularly devastating because there are so many other targets in one fell swoop.